Merge branch 'main' into main

hakasapl · web-flow · commit 5c25c3285458 · 2023-03-07T13:28:46.000-05:00
diff --git a/config/branding/config.ini b/config/branding/config.ini
@@ -52,6 +52,8 @@ admin = "admin-email@unitywebportal.test"
 admin_name = "Unity Admins"
 sender = "sender-email@unitywebportal.test"
 sender_name = "Unity Sender"
+pi_approve = "piapproval@unitywebportal.test"
+pi_approve_name = "Unity PI Approval"
 
 [page]  ; which sql objects to use for the content on these pages
 home = "home"
diff --git a/resources/init.php b/resources/init.php
@@ -66,7 +66,9 @@
     $BRANDING["mail"]["support"],
     $BRANDING["mail"]["support_name"],
     $BRANDING["mail"]["admin"],
-    $BRANDING["mail"]["admin_name"]
+    $BRANDING["mail"]["admin_name"],
+    $BRANDING["mail"]["pi_approve"],
+    $BRANDING["mail"]["pi_approve_name"]
 );
 
 //
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
@@ -93,6 +93,17 @@ public function requestGroup($send_mail = true)
                     "email" => $this->getOwner()->getMail()
                 )
             );
+
+            $this->MAILER->sendMail(
+                "pi_approve",
+                "group_request_admin",
+                array(
+                    "user" => $this->getOwner()->getUID(),
+                    "org" => $this->getOwner()->getOrg(),
+                    "name" => $this->getOwner()->getFullname(),
+                    "email" => $this->getOwner()->getMail()
+                )
+            );
         }
     }
 
diff --git a/resources/lib/UnityMailer.php b/resources/lib/UnityMailer.php
@@ -19,6 +19,8 @@ class UnityMailer extends PHPMailer
     private $MSG_SUPPORT_NAME;
     private $MSG_ADMIN_EMAIL;
     private $MSG_ADMIN_NAME;
+    private $MSG_PI_APPROVAL_EMAIL;
+    private $MSG_PI_APPROVAL_NAME;
 
     public function __construct(
         $template_dir,
@@ -34,7 +36,9 @@ public function __construct(
         $msg_support_email,
         $msg_support_name,
         $msg_admin_email,
-        $msg_admin_name
+        $msg_admin_name,
+        $msg_pi_approval_email,
+        $msg_pi_approval_name
     ) {
         parent::__construct();
         $this->isSMTP();
@@ -87,6 +91,8 @@ public function __construct(
         $this->MSG_SUPPORT_NAME = $msg_support_name;
         $this->MSG_ADMIN_EMAIL = $msg_admin_email;
         $this->MSG_ADMIN_NAME = $msg_admin_name;
+        $this->MSG_PI_APPROVAL_EMAIL = $msg_pi_approval_email;
+        $this->MSG_PI_APPROVAL_NAME = $msg_pi_approval_name;
     }
 
     public function sendMail($recipients, $template = null, $data = null)
@@ -105,6 +111,8 @@ public function sendMail($recipients, $template = null, $data = null)
 
             if ($recipients == "admin") {
                 $this->addBCC($this->MSG_ADMIN_EMAIL, $this->MSG_ADMIN_NAME);
+            } elseif ($recipients == "pi_approve") {
+                $this->addBCC($this->MSG_PI_APPROVAL_EMAIL, $this->MSG_PI_APPROVAL_NAME);
             } else {
                 if (is_array($recipients)) {
                     foreach ($recipients as $addr) {
diff --git a/resources/lib/UnitySite.php b/resources/lib/UnitySite.php
@@ -2,6 +2,8 @@
 
 namespace UnityWebPortal\lib;
 
+use phpseclib3\Crypt\PublicKeyLoader;
+
 class UnitySite
 {
     public static function redirect($destination)
@@ -50,4 +52,14 @@ public static function getConfig($conf_path)
         $arr = parse_ini_file($conf_path, true);
         return $arr;
     }
+
+    public static function testValidSSHKey($key_str)
+    {
+        try {
+            PublicKeyLoader::load($key_str);
+            return true;
+        } catch (\Exception $e) {
+            return false;
+        }
+    }
 }
diff --git a/webroot/js/ajax/ssh_validate.php b/webroot/js/ajax/ssh_validate.php
@@ -0,0 +1,12 @@
+<?php
+
+require "../../../resources/autoload.php";
+
+use phpseclib3\Crypt\PublicKeyLoader;
+
+try {
+    PublicKeyLoader::load($_POST['key'], $password = false);
+    echo "true";
+} catch (Exception $e) {
+    echo "false";
+}
diff --git a/webroot/panel/account.php b/webroot/panel/account.php
@@ -6,17 +6,32 @@
 
 require_once $LOC_HEADER;
 
+$invalid_ssh_dialogue = "<script type='text/javascript'>
+alert('Invalid SSH key. Please verify your public key file is valid.');
+</script>";
+
 if ($_SERVER['REQUEST_METHOD'] == "POST") {
     switch ($_POST["form_type"]) {
         case "addKey":
             $added_keys = array();
 
             switch ($_POST["add_type"]) {
                 case "paste":
-                    array_push($added_keys, $_POST["key"]);
+                    $key = $_POST["key"];
+                    if (UnitySite::testValidSSHKey($key)) {
+                        array_push($added_keys, $key);
+                    } else {
+                        echo $invalid_ssh_dialogue;
+                    }
                     break;
                 case "import":
-                    array_push($added_keys, file_get_contents($_FILES['keyfile']['tmp_name']));
+                    $keyfile = $_FILES["keyfile"]["tmp_name"];
+                    $key = file_get_contents($keyfile);
+                    if (UnitySite::testValidSSHKey($key)) {
+                        array_push($added_keys, $key);
+                    } else {
+                        echo $invalid_ssh_dialogue;
+                    }
                     break;
                 case "generate":
                     array_push($added_keys, $_POST["gen_key"]);
diff --git a/webroot/panel/modal/new_key.php b/webroot/panel/modal/new_key.php
@@ -32,7 +32,7 @@
     <div id="key_paste">
         <textarea placeholder="ssh-rsa AAARs1..." form="newKeyform" name="key"></textarea>
 
-        <input type="submit" value="Add Key">
+        <input type="submit" value="Add Key" id="add-key">
     </div>
 
     <div style="display: none;" id="key_import">
@@ -90,4 +90,26 @@
             }
         });
     });
+
+    $("textarea[name=key]").on("input", function() {
+        var key = $(this).val();
+        $.ajax({
+            url: "<?php echo $CONFIG["site"]["prefix"]; ?>/js/ajax/ssh_validate.php",
+            type: "POST",
+            data: {
+                key: key
+            },
+            success: function(result) {
+                const res = result.replace(key, "");
+                if (res == "true") {
+                    $("input[id=add-key]").prop("disabled", false);
+                    $("textarea[name=key]").css("box-shadow", "none");
+                } else {
+                    $("input[id=add-key]").prop("disabled", true);
+                    $("textarea[name=key]").css("box-shadow", "0 0 0 0.3rem rgba(220, 53, 69, 0.25)");
+                }
+            }
+        });
+    });
+
 </script>

Original file line number	Diff line number	Diff line change
`@@ -93,6 +93,17 @@ public function requestGroup($send_mail = true)`
`93`	`93`	`"email" => $this->getOwner()->getMail()`
`94`	`94`	`)`
`95`	`95`	`);`
	`96`	`+`
	`97`	`+ $this->MAILER->sendMail(`
	`98`	`+ "pi_approve",`
	`99`	`+ "group_request_admin",`
	`100`	`+ array(`
	`101`	`+ "user" => $this->getOwner()->getUID(),`
	`102`	`+ "org" => $this->getOwner()->getOrg(),`
	`103`	`+ "name" => $this->getOwner()->getFullname(),`
	`104`	`+ "email" => $this->getOwner()->getMail()`
	`105`	`+ )`
	`106`	`+ );`
`96`	`107`	`}`
`97`	`108`	`}`
`98`	`109`